Securing Storage a Sound Plan for Start-ups

The beauty of storage area networks (SANs) is that employees can gather, store, and retrieve specific information from terabytes of data at a moment's notice. But SANs can also be surprisingly vulnerable to attacks.

Storage experts say that major vendors such as EMC , IBM , HP , and Hitachi Data Systems have ignored security for too long and run the risk of leaving the customers who buy their pricey products vulnerable to attacks. This oversight could result in millions of dollars of damage in lost or misused information.

How big a problem is it? A recent PricewaterhouseCoopers report concluded that the top result of security breaches is the compromise or loss of stored data — not impacts to application or network availability — according to 30 percent of 7,500 surveyed IT professionals.

Disregard for storage security has created opportunities for a handful of firms. Companies like Decru, NeoScale, Vormetric, Kasten Chase, and Ingrian Networks have all developed unique software and/or hardware methods to help enterprises with SANs repel attackers.

The situation wasn't always so serious, according to Hu Yoshida, a vice president and chief technologist at Hitachi Data Systems. Older direct-attached storage (DAS) methods don't have the multiple access points.

Every SAN connection, though, whether it be to a host bus adapter, storage device, or Fibre Channel port, runs the risk of being infiltrated. Attackers may grab the network address and "spoof" a user, pretending they're someone else. Yoshida says the architecture of a SAN is like the layers in an onion — once an attacker gets past one layer he can easily "peel away" the next.

Why a Problem Now?

Of course, SANs have been around for years, so what makes this such a problem now? The rules have changed, Enterprise Storage Group analyst Jon Oltsik told internetnews.com. "There are a lot more government regulations now that say we have to keep information for a certain period of time, and if a company can't produce the files, they could face legal action."

Oltsik says SANs offer "extremely preliminary security" in the form of zoning and partitioning logical unit numbers, or LUNs , which distinguish between devices that share the same bus . Using these techniques, the analyst explains, "my server can't see into your disk partitions, even if they're on the same device."

But these features are not enough to stop a diligent hacker's attempt to steal information or vandalize the system, according to Oltsik. Major vendors have tended to ignore security principles such as authorization, authentication, and other policy-based protocols, but they are getting more wise, protecting their SANs from being written over by another host.

HDS' Yoshida admits this is true, but notes that HDS has taken steps to alleviate the security issues, including a feature in its Thunder and Lightning arrays that responds to a "checksum," a basic error-detection scheme in which each transmitted message is accompanied by a numerical value based on the number of set bits in the message. The checksum is then processed to guarantee that what is written onto a disk was recorded without modification.

But most vendors don't have such a system, which is why Yoshida and Oltsik both feel there is a solid market opportunity for start-ups like Decru, Vormetric, NeoScale, Kasten Chase, and Ingrian.